While using your bank’s online servicing you notice the following string in the URL bar:

Last Updated on August 7, 2021 by Admin 1

While using your bank’s online servicing you notice the following string in the URL bar:
“http://www.MyPersonalBank.com/account?id=368940911028389&Damount=10980&Camount=21”

You observe that if you modify the Damount & Camount values and submit the request, that data on the web page reflect the changes.

Which type of vulnerability is present on this site?

  • Cookie Tampering
  • SQL Injection
  • Web Parameter Tampering
  • XSS Reflection

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments